Posts Tagged ‘slashdot’

I’ve said a few times on Slashdot that Apple is likely to partner with Microsoft for search on the iPhone. A few people have given me rebuttal directly and a portion of the Slasdot crowd thinks this is unlikely. Here is why I think Apple is not big enough to do search on their own.

In a Slashdot replynode_3 replied to me that “Apple is one of the largest companies in the world”. I’m not sure what he means by large. Sure – Apple is in the top Fortune Global 500 for 2009 at #253. But consider these items from the Fortune list:

Now consider Apple’s business model – they sell ‘things’ (as in physical do-dads) and music. They have a relatively small “software and services” Business at ~8% of total revenue (cite). Its fair to say they are not a software company. NOTE – do not panic! Apple develops some great software! OSX is truly a world class client operating system and the iPhone changed the game dramatically. But, their business model isn’t selling software – its selling ‘things’. Just look at the numbers (all in billions of dollars). 79% of their Q2 revenue came from selling ‘things’. Only 8% was “software and services” and I suspect most of that is services.

76% of our Q2 2009 revenue is just software. And not just any software – world class products that have been consistent market leaders for years and years. Say what you want, but people keep buying Microsoft software despite very real and credible competition – some of which is free. (that’s a topic of a future post…)

Just Windows alone (our “client” business) is 36% larger than Apples Mac business (desktop + Portables) by revenue alone. Unfortunately, I cannot find a public source that indicates Windows unit shipments in that time frame, but in Q2 2009, Apple had about a 7.6% market share in the US at about 1.21 million Macs (cite). Apple has their best share in the US, with much lower market share in other world wide markets. Its safe to say that Windows shipments dwarf Apple’s client shipments.

The point in all this is that Apple does not have the chops to build a competitive search engine. Yes, if they decided to do that, they could – they fundamentally have the revenue to do so. But it would take them years. first, they would have to hire people and grow the expertise. It takes a massive investment in people and assets to build a world class search engine. It also takes another key element: the corporate fortitude to stick with it for years. That is why there are just two of them – Google and Bing. If it was easy, there would be more than two.

I’m sure someone will point out there are more than two search engines… yes of course, but there are only two that matter… Google and Bing, this is especially true since Bing now powers Yahoo (cite). And most importantly, Bing is showing slow and steady growth (cite). Its early yet of course, but remember, Microsoft has a strong history of sticking with things… (yes, we drop things too, but we do it deliberately, no flaming out like Sun…)

So in one sense, you won an ‘internet argument’. Woot! Yes, in a narrow technical sense, Apple is ‘big enough’ to build a world class search engine. But I stand by my statement.

In practicall terms, Apple is not any where near large enough to build their own search engine: they have no foundations on which to build. its just not in their league. They would have to start from scratch. It would take them years to do this and a huge investment in terms of time, effort, energy, and money.

Hey! If you had a few billion dollars in yearly revenue, you could try it too. But would you be successful? Very likely not – even if you are a pretty smart guy. That aptly describes Apple today with respect to search.

The biggest barriers to entry here isn’t money. Anybody with a few billion can build a series of world wide data centers. This isn’t science – its engineering.

Building a successful world class search engine that can successfully complete with Bing and Google requires something much harder to obtain – skilled and experienced people. A skilled and experienced person is the true unobtainum.

These people do not grow on trees. There really very, very few of them. In the search space I’d suggest they number in the few hundreds, maybe even less. Most of them are currently employed at Google or Microsoft. Its also a lot of work to grow them – Microsoft and Google both do that very successfully. Yahoo did too, but couldn’t keep up on the business front.

One of the reasons Microsoft wanted to buy yahoo is to get their best people. Their business was interesting too, but their people were key to the deal. Dr. Qi Lu is the canonical example. I’m senior enough to go to periodic internal briefings by senior execs; let me tell you, Dr. Qi Lu is one of the most intelligent and effective people I’ve ever heard. He is in the same league as Bill himself. He has had a very positive and dramatic effect on Microsoft, both externally and internally. He is a high profile example, but only one of many. There are a lot of other good people that came from Yahoo. They are doing impressive things.

In summary: Apple needs a world class search engine on the iPhone. There are two, Google and Bing. Yes, we compete with Apple and will likely do so directly in the mobile phone market, but Apple cannot build their own effective search engine in any time frame that matters. I maintain that Bing and Microsoft is by far the best choice for Apple.

I just noticed your most recent post here. I almost never look at positing from Anonymous Cowards, but I mistakenly clicked on a link that I thought was from Symbolset.

First, I really and truly do appreciate that you are trying to be helpful. You have certainly been persistent.

This blog post contains my thoughts on some of your Slashdot posts: #29969474, #30308758, #29980114,#30303590, #30011606, #30021114, and #30340094. These posts have a lot of info, questions, links and other things that I thought I’d try address a couple of the top level things. Note, I apologize if I missed some of your posts. I put in an effort to hunt them down, but you are posting Anonymously which makes your posts really hard to find.

I’d like to begin by addressing a couple of items from your posts. I’m not anonyms and there is nothing “alleged” about me me as development manger in Windows. I’m pretty “out there” in the public sense. And most importantly, I’m not refusing to respond to your posts or blowing you off (both phrases you use in your posts) I just don’t pay attention to Anonymous posts – there is no obligation for me to do so. The fact that I noticed your most recent post is a happy accident.

Oh yes, this post is somewhat long and I’m terrible at editing my own writing – please forgive any spelling or grammar mistakes.

Here are some comments on your two top level items:

1. Tell us why rootkit.com said X, Y and Z:

I read the rootkit.com article you referenced (here). From your posts, I believe you are assuming that the kernel networking APIs in Vista and W7 is bad, or problematic in some way. This isn’t how I read the article or understand the NPI kernel mode APIs.

My take is different: To me, the rootkit.com article is very factual in nature, they are not sating any opinions or making any “claims” (to use your word). One of the most interesting things form the article is this:

This jives with my understanding. Prior to Vista, some companies hooked Windows components (in both kernel and user mode) in very “ugly” ways. Specially in ways that the OS was not at all designed for. While I’m sure these vendors employ some really smart developers, its hard enough for people at MSFT to do this well, let alone people that do not have a thorough understanding of the Windows operating system and how its used.

Preemptive Slashdot response:“If Windows was open source it wouldn’t have this problem – anyone could see the source and do things properly.”

What the networking team did for Vista, and improved in Windows7, is to make it easier for partners to write well behaved, reliable and well performing security products. Part of this was moving them away from the old TDI APIs which the rootkit.com article says where hard to use and not well document to the new APIs.

You seem to be thinking that because the new APIs are easier to use for developers – and better documented than the old TDI stuff – that somehow this makes Windows less secure. If that is what you are insinuating, then you are very much mistaken.

Hacking and hooking is inherently problematic and causes all kinds of reliability and security problems. This isn’t a windows thing – its a OS thing. Unsupported hooking and hacking in kernel mode is a problem for any operating system, no matter how well intentioned.

Well documented, easy to understand, debug and use APIs are important for enabling partners to write software that is reliable, robust, secure and well performing.

The new networking stack was designed so that developers didn’t have to hook and hack kernel mode components to implement firewalls and other networking security products. This gives end users a more reliable, robust and well performing system. That’s a good thing.

Most important these new APIs are a necessity: Partners cannot develop products for 64-bit windows without them as 64-bit Windows doesn’t allow kernel hacking, hooking and patching. Features like PatchGuard, allowing only signed drivers, and DEP make such APIs essential.

Let me set expectations. I’m not an expert in this area but I’ll spend a little time on this. If I find an answer, I’ll post something on my blog here. Please be patient and don’t nag me about it.

Now about host file size… I’m not an expert about the use of the hosts file, but I’m pretty sure its not designed to grow really large.

In one of your posts you cite this article Resurrecting the Killfile by Oliver day. You mention that his hosts file has grown to 16,000 lines long. That’s really large… Look at it this way:

Lets say that each line averages 50 characters – an IP address, some white space, a host name and possibly a short comment. In this case, a 16,000 line hosts file would be about 780 kilo bytes in size. That’s pretty big. I’m pretty sure that we didn’t design the system for hosts files that large – they work, but I would certainly call hosts files of this size a very, very tiny “corner case”. Remember, we’re designing and building a system for hundreds of millions of people. While its an educated guess on my part, I suspect that the hosts file on all but a very tiny fraction of systems are just a few KB in size – at the most. For example, all the systems at my house have the default host file that comes with windows – nothing has modified them. While certainly not representative, its interesting anecdotally.

Note, I completely understand how using the hosts file can be useful to some people – that groovy. What I’m saying is that we didn’t proactively design for hosts files to be this large.

Now, using the hosts file the way Oliver day does, and you do, may be a great idea! But I really don’t know. The best thin to do is use the most effective channels to give the right people that suggestion. Read the info toward the end of this post for more information on how to do that.

Again, while I’m not an expert in network security, I suspect that there are many better ways for security software to control and block access to host names than to use the legacy hosts file. And it is a legacy thing, it is what was used before DNS worked reliably or broadly.

For example, I know that Microsoft has security and related software that blocks phishing sites, malware sites and and other kinds of things. They have quite a sophisticated system for publishing sites, pages, and other things that need to be blocked. I know that other security software vendors do a very similar thing. I expect that their data bases of ‘bad’ sites and pages is way larger than sixteen thousand entries – I suspect two or three orders of magnitude larger.

I suggest to you that more sophisticated methods of managing lists of ‘bad’ sites and pages are way, way better than using the old legacy hosts file. Storing IP address and hosts names in a simple ANSI text file is probably the least effective way to do this. Here are some issues I can think of off the top of my head:

It is not a compact format

It has to be read into memory often – the file itself isn’t searchable or indexed.

No support for Unicode host names (its an ANSI text file, not UTF8)

There is no way to control access for readers and writers – its a text file not a database…

If I was a malware writer this is the first place I’d look to change things. Oliver day mentions this in his article. So does Wikipedia.

Now, I really and truly appreciate that you are working to be helpful in your own inimical way. But to be open, honest and respectful [1] your approach to driving change in the Windows OS is probably the least effective you possibly could have chosen:

You are assuming I am the best person to answer your questions and ask me “what you plan to do about it” I’m just one dude. I’m pretty senior, but I’m certainly not in the inner circle. My specialty is performance, not security or networking.

You are assuming I’m actually going to read replies from an Anonymous Coward on Slashdot in any kind of a timely manner. That’s a really bad assumption. I almost never read anonymous replies or posts in general. you are labeled an Anonymous Coward for a reason…

You are assuming that the fact that you are replying to me puts me under some obligation to reply. It does not.

Your writing is the least effective type to encourage someone to take you seriously and understand what you are working to say.

You seem to be assuming that places like Slashdot and blog comments (even on the Windows 7 engineering blog) are effective places to give people in the Windows organization actionable feedback. They are not.

I’d like to comment on your writing – it is polemic at best. Its also disjoint and fractured. The posts of yours I’ve see are the equivalent of ranting and yelling while waving your arms about – in my face.

At least one other has given similar feedback here. Spun is giving you good advice here:

… you sound smart. You are writing to communicate ideas to others, not to hear yourself type, right? Then take the other guy’s advice: make it brief, summarize and write in normal English.

You didn’t take that simple and polite feedback well at all.

I’m going to ditto his advice: This isn’t about the use of English. Your posts are hard to follow. Their tone and tenor is very off putting and “in your face”. This is true as individual posts, but even more true taken collectively. I realize this is a very informal forum, but its not a bad idea to focus on clarity and succinctness when working to communicate detailed technical information. The longer the post, the more this is true.

Next, you can really be rude. I readily admit even I can be a bit snarky, but these kinds of posts (#30011606) damage your credibility and give people and excuse not to take you seriously and to ignore you.

My point is this: if your goal is to be impactful – to get things changed – then you need to do a few things.

Don’t use very informal places like Slashdot or even MSFT blogs to give MSFT your feedback. We have readily available official channels. Use them (I’ll explain how shortly). As the blog says here, we get a TON of feedback, its hard enough to mange as it is and we put a lot of time effort and energy into doing so.

Focus on one thing per item. For example, if you have three things on which to give MSFT feedback, file 3 bugs, or send three separate messages – don’t smoosh them all into one thing.

The connect program is pretty cool and is how people can directly file bugs and send feedback and comments to Microsoft. We have a very rich internal system for handling this information. The bugs and suggestions you enter go directly to the owning team.

You get a dashboard, and there are forums for discussions, not just with MSFT people, but with others in the connect program as well. There is a program specifically for Windows networking – this is the one you should apply for. Note, there doesn’t seem to be a general “windows 7” category, I’m not sure why that is. I’ll try to find out. I’ll post what I learn on this blog.

Connect is the best way to “get Microsoft’s attention”. I hope you are successful doing so on connect. Its work, but you have shown you are persistent – be persistent at using connect.

My intention here is not to refute your posts or argue with you; my desire is give you my thoughts on some of the thins you ask me about on Slashdot. Feel free to post comments here on my blog, but I’m not going to maintain this conversation on Slashdot. I think its more effective to do that here on my blog. Its more discoverable that way.

Lastly, I have one last requests: Get a Slashdot login and user name. there is really no reason for you to be an Anonymous Coward. this will let me follow you as you participate on Slashdot.